<?php
//接收用户的数据
$id=$_POST['id'];
$password=$_POST['password'];

//验证验证码
$checkcode=$_POST['checkcode'];

session_start();
if ($checkcode!=$_SESSION['mycheckcode']) {
	header("Location:login.php?errno=2");
	exit();
}



if ($id=="") {
	header("Location:login.php?errno=3");
	exit();
}


//数据库验证
$conn=mysql_connect("localhost","root","gefacd3");
if(!$conn){
	die("connet fail".mysql_errno());
}
mysql_query("set names utf8",$conn) or die(mysql_errno());
//选择数据库
mysql_select_db("northpark",$conn) or die(mysql_errno());

$sql="select password from admin where id=$id";


$res=mysql_query($sql,$conn);
if ($row = mysql_fetch_assoc($res)) {
	if ($row["password"]== md5($password)) {
		session_start();
		$_SESSION["login"]="YES";
		echo "<script language=javascript>alert('Login succeed!');
				location.href='Manage.php';</script>";
// 		header("Location:Manage.php");
		exit();
	}
	else {
		header("Location:login.php?errno=1");
		exit();
	}
}else {
header("Location:login.php?errno=1");
exit();
}
//关闭资源
mysql_free_result($res);
mysql_close($conn);
?>